public void CustomerTotals()
        {
            var customer_code = "c000";

            unitOfWork.Data = new MockData
            {
                Users = new List <User> {
                    new User {
                        id = 1, name = "Test", customer_code = customer_code
                    }
                }
            };
            apiClient.Data.CustomerTotals = new CustomerTotals
            {
                balance       = 100,
                creditLimit   = 1000,
                numOfInvoices = 10,
                orderTotal    = 10000
            };

            DateTime?dateFrom = DateTime.Today.AddDays(-2), dateTo = DateTime.Today.AddDays(2);

            var permissions = new List <Permission>
            {
                new Permission {
                    id = (int)PermissionId.ViewInvoiceHistory
                }
            };

            cache.Set($"permissions_1", permissions, null);

            request.Headers.Authorization = new AuthenticationHeaderValue("jwt", "1");
            controller.Request            = request;
            var result = controller.getCustomerTotals(customer_code, dateFrom, dateTo, "").Result;

            Assert.IsNotNull(result);
            Assert.IsNotNull(apiClient.Parameters);
            Assert.IsTrue(apiClient.Parameters.ContainsKey("customer"));
            Assert.IsTrue(apiClient.Parameters.ContainsKey("dateFrom"));
            Assert.AreEqual(dateFrom, DateTime.Parse(apiClient.Parameters["dateFrom"], CultureInfo.InvariantCulture.DateTimeFormat));
            Assert.IsTrue(apiClient.Parameters.ContainsKey("dateTo"));
            Assert.AreEqual(dateTo, DateTime.Parse(apiClient.Parameters["dateTo"], CultureInfo.InvariantCulture.DateTimeFormat));
            Assert.IsTrue(apiClient.Parameters.ContainsKey("searchText"));
            Assert.AreEqual("", apiClient.Parameters["searchText"]);
            Assert.AreEqual(customer_code, apiClient.Parameters["customer"]);
            Assert.IsInstanceOfType(result, typeof(OkNegotiatedContentResult <Task <CustomerTotals> >));
            Assert.AreEqual(apiClient.Data.CustomerTotals.balance,
                            (result as OkNegotiatedContentResult <Task <CustomerTotals> >)?.Content?.Result?.balance);
        }
        public void GetUserPermissions()
        {
            var mockData = new MockData
            {
                Users = new List <User>
                {
                    new User {
                        id    = 1, username = "******", password = "******", customer_code = "cust", email = "email",
                        Roles = new List <Role>
                        {
                            new Role {
                                id = Role.User
                            }
                        },
                        Customer = new Customer {
                            code = "cust"
                        },
                        Permissions = new List <Permission>
                        {
                            new Permission
                            {
                                id = (int)PermissionId.ViewAccountDetails
                            }
                        }
                    }
                }
            };

            unitOfWork.Data = mockData;

            var permissions = controller.GetUserPermissions(mockData.Users[0]);

            Assert.AreEqual(1, permissions.Count);

            cache.Set("permissions_1", new List <Permission>(), null);
            permissions = controller.GetUserPermissions(mockData.Users[0]);
            Assert.AreEqual(0, permissions.Count);
        }
        public void GetOrder()
        {
            unitOfWork.Data = Utils.CreateAdminAndUser();
            //NO user
            controller.Request.Headers.Authorization = new AuthenticationHeaderValue("jwt", "0");
            var result = controller.GetOrder("o", "c");

            Assert.IsInstanceOfType(result.Result, typeof(UnauthorizedResult));

            controller.Request.Headers.Authorization = new AuthenticationHeaderValue("jwt", "2");
            var permissions = new List <Permission>
            {
                new Permission {
                    id = (int)PermissionId.ViewOrderHistory
                }
            };

            cache.Set($"permissions_2", permissions, null);
            result = controller.GetOrder("o", "c1");
            Assert.IsNotNull(result);
            Assert.IsNotNull(apiClient.Parameters);
            Assert.IsTrue(apiClient.Parameters.ContainsKey("order_no"));
            Assert.IsTrue(apiClient.Parameters.ContainsKey("customer_code"));
            Assert.AreEqual(unitOfWork.Data.Users.FirstOrDefault(u => u.id == 2)?.customer_code, apiClient.Parameters["customer_code"]);

            //Branch admin
            unitOfWork.Data           = Utils.CreateAdminAndUser();
            apiClient.Data.Order      = new Order();
            unitOfWork.Data.Customers = new List <Customer>
            {
                new Customer {
                    code = "c1"
                },
                new Customer {
                    code = "c2", invoice_customer = "c3"
                },
                new Customer {
                    code = "c3"
                }
            };

            controller.Request.Headers.Authorization = new AuthenticationHeaderValue("jwt", "3");
            cache.Set($"permissions_3", permissions, null);
            unitOfWork.Data.Users.Add(new User {
                id = 3, Roles = new List <Role> {
                    new Role {
                        id = Role.BranchAdmin
                    }
                }, customer_code = "c3"
            });
            var res = controller.GetOrder("o", "c3").Result;

            Assert.IsNotNull(res);
            Assert.AreEqual("c3", apiClient.Parameters["customer_code"]);
            res = controller.GetOrder("o", "c2").Result;
            Assert.IsNotNull(res);
            Assert.AreEqual("c2", apiClient.Parameters["customer_code"]);

            res = controller.GetOrder("o", "c1").Result;
            Assert.IsNotNull(res);
            Assert.AreNotEqual("c1", apiClient.Parameters["customer_code"]);

            //permissions
            controller.Request.Headers.Authorization = new AuthenticationHeaderValue("jwt", "2");
            cache.Remove("permissions_2");
            res = controller.GetOrder("o", "c2").Result;
            Assert.IsNotNull(res);
            Assert.IsInstanceOfType(res, typeof(UnauthorizedResult));
        }
        public void GetPrice()
        {
            var code = "code";

            unitOfWork.Data = Utils.CreateAdminAndUser();
            controller.Request.Headers.Authorization = new AuthenticationHeaderValue("jwt", "2");
            var permissions = new List <Permission>
            {
                new Permission {
                    id = (int)PermissionId.ViewStockSearch
                }
            };

            cache.Set($"permissions_2", permissions, null);
            var customer_code = "c1";
            var result        = controller.getPrice(customer_code, code);

            Assert.IsInstanceOfType(result.Result, typeof(UnauthorizedResult));

            unitOfWork.Data.Users.FirstOrDefault(u => u.id == 2).isInternal = true;
            result = controller.getPrice(customer_code, code);
            Assert.IsNotInstanceOfType(result, typeof(UnauthorizedResult));
            Assert.IsTrue(apiClient.Parameters.ContainsKey("customer"));
            Assert.IsTrue(apiClient.Parameters.ContainsKey("product"));
            Assert.IsInstanceOfType((result.Result as OkNegotiatedContentResult <Task <object> >)?.Content?.Result, typeof(ProductPrices));

            //Branch admin
            unitOfWork.Data           = Utils.CreateAdminAndUser();
            apiClient.Data.Orders     = new List <Order>();
            unitOfWork.Data.Customers = new List <Customer>
            {
                new Customer {
                    code = "c1"
                },
                new Customer {
                    code = "c2", invoice_customer = "c3"
                },
                new Customer {
                    code = "c3"
                }
            };
            controller.Request.Headers.Authorization = new AuthenticationHeaderValue("jwt", "3");
            cache.Set($"permissions_3", permissions, null);
            unitOfWork.Data.Users.Add(new User {
                id = 3, Roles = new List <Role> {
                    new Role {
                        id = Role.BranchAdmin
                    }
                }, customer_code = "c3"
            });
            var res = controller.getPrice("c3", code).Result;

            Assert.IsNotNull(res);
            Assert.AreEqual("c3", apiClient.Parameters["customer"]);
            res = controller.getPrice("c2", code).Result;
            Assert.IsNotNull(res);
            Assert.IsNotInstanceOfType(res, typeof(UnauthorizedResult));
            Assert.AreEqual("c2", apiClient.Parameters["customer"]);

            res = controller.getPrice("c1", code).Result;
            Assert.IsNotNull(res);
            Assert.IsInstanceOfType(res, typeof(UnauthorizedResult));

            //user permissions
            cache.Remove("permissions_2");
            controller.Request.Headers.Authorization = new AuthenticationHeaderValue("jwt", "2");
            res = controller.getPrice("c2", code).Result;
            Assert.IsNotNull(res);
            Assert.IsInstanceOfType(res, typeof(UnauthorizedResult));
        }